Totality versus Turing-Completeness? - CIS Personal Web Pages

P. Schroeder-Heister, and R. F. Stärk, editors, Proof Theory in Computer ... Fourth Annual Symposium on Logic in Computer Science (LICS '89), Pacific Grove,.
275KB Sizes 0 Downloads 80 Views
Totality versus Turing-Completeness? Conor McBride University of Strathclyde [email protected]

Abstract. In this literate Agda paper, I show that general recursive definitions can be represented in the free monad which supports the ‘effect’ of making a recursive call, without saying how these programs should be executed. Diverse semantics can be given by suitable monad morphisms. The Bove-Capretta construction of the domain of a general recursive function can be presented datatype-generically as an instance of this technique.

1

Introduction

Advocates of Total Functional Programming [17], such as myself, can prove prone to a false confession, namely that the price of functions which function is the loss of Turing-completeness. In a total language, to construct f : S → T is to promise a canonical T eventually, given a canonical S. The alleged benefit of general recursion is just to inhibit such strong promises. To make a weaker promise, simply construct a total function of type S → G T where G is a suitable monad. The literature and lore of our discipline are littered with candidates for G, and this article will contribute another—the free monad with one operation f : S → T . To work in such a monad is to write a general recursive function without prejudice as to how it might be executed. We are then free, in the technical sense, to choose any semantics for general recursion we like by giving a suitable monad morphism to another notion of partial computation. For example, Venanzio Capretta’s partiality monad [10], also known as the completely iterative monad on the operation yield : 1 → 1, which might never deliver a value, but periodically offers its environment the choice of whether to interrupt computation or to continue. Meanwhile, Ana Bove gave, with Capretta, a method for defining the domain predicate of a general recursive function simultaneously with the delivery of a value for every input satisfying that domain predicate [8]. Their technique gives a paradigmatic example of defining a datatype and its interpretation by induction-recursion in the sense of Peter Dybjer and Anton Setzer [11, 12]. Dybjer and Setzer further gave a coding scheme which renders first class the characterising data for inductiverecursive definitions. In this article, I show how to compute from the free monadic presentation of a general recursive function the code for its domain predicate. By doing so, I implement the Bove-Capretta method once for all, systematically delivering (but not, of course, discharging) the proof obligation required to strengthen the promise from partial f : S → G T to the total f : S → T . Total functional languages remain logically incomplete in the sense of G¨odel. There are termination proof obligations which we can formulate but not discharge within any given total language, even though the relevant programs—notably the language’s own evaluator—are total. Translated across the Curry-Howard correspondence, the argument for general recursion asserts that logical inconsistency is a price worth paying for logical completeness, notwithstanding the loss of the language’s value as evidence. Programmers are free to maintain that such dishonesty is essential to their capacity to earn a living, but a new generation of programming technology enables some of us to offer and deliver a higher standard of guarantee. Faites vos jeux!

2

The General Free Monad

Working (http://github.com/pigworker/Totality), in Agda, we may define a free monad which is general, both in the sense of being generated by any strictly positive functor, and in the sense of being suited to the modelling of general recursion. data General (S : Set) (T : S → Set) (X : Set) : Set where !! : X → General S T X ?? : (s : S ) → (T s → General S T X ) → General S T X infixr 5 ?? At each step, we either output an X , or we make the request s ?? k , for some s : S , where k explains how to continue once a response in T s has been received. That is, values in General